- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 22 for claims0 (0.36 sec)
-
cmd/sts-handlers.go
// metadata map claims[expClaim] = UTCNow().Add(time.Duration(expiry) * time.Second).Unix() claims[subClaim] = parentUser claims[roleArnClaim] = roleArn.String() claims[parentClaim] = parentUser // Add all other claims from the plugin **without** replacing any // existing claims. for k, v := range res.Success.Claims { if _, ok := claims[k]; !ok { claims[k] = v } }
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Tue Jun 11 03:13:30 UTC 2024 - 33.9K bytes - Viewed (0) -
cmd/iam.go
} // Finally, if there is no parent policy, check if a policy claim is // present in the session token. if len(policies) == 0 { // If there is no parent policy mapping, we fall back to // using policy claim from JWT. policySet, ok := args.GetPolicies(iamPolicyClaimNameOpenID()) if !ok { // When claims are set, it should have a policy claim field. return false }
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Jun 13 22:26:38 UTC 2024 - 71.9K bytes - Viewed (0) -
CREDITS
Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Jun 13 15:34:20 UTC 2024 - 1.7M bytes - Viewed (0) -
cmd/signature-v4-utils.go
return cred, false, ErrAccessKeyDisabled } return cred, false, ErrInvalidAccessKeyID } cred = u.Credentials } claims, s3Err := checkClaimsFromToken(r, cred) if s3Err != ErrNone { return cred, false, s3Err } cred.Claims = claims owner := cred.AccessKey == globalActiveCred.AccessKey || (cred.ParentUser == globalActiveCred.AccessKey && cred.AccessKey != siteReplicatorSvcAcc)
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Jun 13 22:26:38 UTC 2024 - 9.1K bytes - Viewed (0) -
cmd/iam-store.go
} var ( err error claims map[string]interface{} = cred.Claims ) if cred.IsServiceAccount() { claims, err = getClaimsFromTokenWithSecret(cred.SessionToken, cred.SecretKey) } else if cred.IsTemp() { var secretKey string secretKey, err = getTokenSigningKey() if err != nil { continue } claims, err = getClaimsFromTokenWithSecret(cred.SessionToken, secretKey)
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Jun 13 22:26:38 UTC 2024 - 75.8K bytes - Viewed (0) -
cmd/bucket-handlers.go
Action: policy.ListBucketAction, BucketName: bucketInfo.Name, ConditionValues: getConditionValues(r, "", cred), IsOwner: owner, ObjectName: "", Claims: cred.Claims, }) { bucketsInfo[n] = bucketInfo n++ } else if globalIAMSys.IsAllowed(policy.Args{ AccountName: cred.AccessKey, Groups: cred.Groups,
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Fri Jun 14 13:28:35 UTC 2024 - 61.2K bytes - Viewed (0) -
cmd/sts-handlers_test.go
} // Retrieve the credential's claims. secret, err := getTokenSigningKey() if err != nil { c.Fatalf("Error getting token signing key: %v", err) } claims, err := getClaimsFromTokenWithSecret(value.SessionToken, secret) if err != nil { c.Fatalf("Error getting claims from token: %v", err) } // Validate claims. dnClaim := claims[ldapActualUser].(string)
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Mon Jun 10 18:45:50 UTC 2024 - 90K bytes - Viewed (0) -
cmd/storage-rest-server.go
} return errMalformedAuth } claims := xjwt.NewStandardClaims() if err = xjwt.ParseWithStandardClaims(token, claims, []byte(globalActiveCred.SecretKey)); err != nil { return errAuthentication } owner := claims.AccessKey == globalActiveCred.AccessKey || claims.Subject == globalActiveCred.AccessKey if !owner { return errAuthentication } if claims.Audience != r.URL.RawQuery {
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Mon Jun 10 15:51:27 UTC 2024 - 44.8K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.30.md
- When configuring a JWT authenticator: If `username.expression` used 'claims.email', then 'claims.email_verified' must have been used in `username.expression` or `extra[*].valueExpression` or `claimValidationRules[*].expression`. An example claim validation rule expression that matches the validation automatically applied when `username.claim` is set to 'email' is 'claims.?email_verified.orValue(true)'.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Jun 12 04:05:28 UTC 2024 - 253.2K bytes - Viewed (0) -
cmd/iam-etcd-store.go
deleteKeyEtcd(ctx, ies.client, getUserIdentityPath(user, userType)) deleteKeyEtcd(ctx, ies.client, getMappedPolicyPath(user, userType, false)) } return nil } u.Credentials.Claims = jwtClaims.Map() } if u.Credentials.Description == "" { u.Credentials.Description = u.Credentials.Comment } m[user] = u return nil }
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Jun 13 22:26:38 UTC 2024 - 13.6K bytes - Viewed (0)